modsecurity module for nginx

suntzu nginx-forum at
Wed May 13 08:51:37 MSD 2009


I was looking for Web Application Firewall solution and found modsecurity (via apache) very useful. Only problem is that, it is GPLed and can not be embedded in commercial product. Is it possible to write modsecurity type module (with rule language) in nginx. Are sufficient hooking of http request/response  cycle within reverse proxy mode available in nginx to fulfill modsecurity like functionality  of "allow" or "deny" some calls to the upstream server based on rules (xpath or regex based)?


Posted at Nginx Forum:,1996,1996#msg-1996

More information about the nginx mailing list